Additional Info

CompanyERPScan
Websitehttp://erpscan.com
Company size (employees)60
Type of solutionSoftware

Overview

Innovation is main competency, even before founding a company our experts and researchers were famous for doing things before market will se the demand. Here is the short list of our innovations in Product and research

Product
2010 World-first enterprise-level platform to monitor SAP Security
2011 World-first product to analyze SAP J2EE Platform security;
2013 World-first Product to combine vulnerability Assessment, Source Code Code and Segregation of Duties checks in one platform;
2015 World-first product to analyze Oracle Peoplesoft Platform security;
2015 Automatic correction for vulnerabilities in the source code for ERP Systems

Research
2009 World-first public presentation about SAP Frontend security;
2010 World-first public presentation include attacks on Oracle Business Application (Oracel JDE);
2010 reported World-first vulnerabilities in SAP BusnessObjects;
2011 World-first public presentation about SAP J2EE security;
2012 World-First public presentation about Oracle Peoplesoft attacks;
2013 Invented new type of attack against SAP and other applications– SSRF;
2013 World-first vulnerabilities published in SAP Mobile applications;
2014 World-first Training about Business Application Security;
2015 World-first public presentation about SAP Mobile Platform security
2015 World-first Research about Oil and Gas Cybersecurity

Overall Leadership:
– Reveal 3 most critical issues in SAP
– Leaders by the number of founded vulnerabilities in SAP and Oracle (400+)
– 80+ Innovative Presentations in security conference
– Award-winning research papers “SAP Security in figures”
– 2nd Place on Top Web Hacking Techniques 2012

How we are different

• Unique &Complete. Identify, Analyze and Fix security issues including vulnerabilities, misconfigurations, and SOD violations in SAP and Oracle
• Enterprise & Detailed. Continuous management of vast landscapes with the largest database of 10000+ security checks.
• Industry-specific. Specific checks for industry solutions in Oil and Gas, Manufacturing, Energy, Utilities, Retail, Banking and others


How we are different

- Our Product:


We have the only solution on the market that enables effective Identification, Analysis and Remediation of security issues in SAP and Oracle business applications and helps to protect system against cyber-attacks and internal fraud. It embraces the three tiers of SAP security: Vulnerability Management, Source Code Security for custom ABAP and JAVA programs, and Segregation of Duties. And finally, it has Industry-specific checks for industries such as Oil and Gas, Retail, Manufacturing and others.


- Our Research team:


It has achieved multiple acknowledgments from the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for exposing in excess of 400 ERPScan researchers take proud in exposing new types of vulnerabilities (TOP 10 Web hacking techniques 2012) and were nominated for best server-side vulnerability in BlackHat 2013. ERPScan experts have been invited to speak, present and train at 80+ prime international security conferences in 25+ countries across the continents. These include BlackHat, RSA, HITB as well as private trainings for SAP in several Fortune 2000 companies.
ERPScan researchers lead project EAS-SEC, which is focused on enterprise application security research and awareness. They have published 3 exhaustive annual award-winning surveys about SAP Security.
We have highly qualified experts in staff with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct research in SAP system security.


Our Recognitions:


- We got 30+ Awards including SC Magazine Rookie Company and CRN Emerging Vendor during last 2 years and were mentioned in Wired, VICE, BusinessInsider, Reuters, The Register, and other media sources in 20+ countries without ANY investment on PR agencies.